<?php
//=========================
//Vuong Van Binh
//Wanbin@vietnambiz.com
//User Functions 
//=========================

//ACTION ADD USER
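/**
 * Handle the "add user" form: validate the posted fields and insert a row into `admin`.
 *
 * Reads $_POST, writes validation/success messages into $CONFIG and form state
 * into the session. Does nothing unless the "addnewuser" field is posted and truthy.
 *
 * NOTE(review): no authorization or CSRF-token check is visible in this function;
 * confirm the caller enforces both before this handler runs.
 */
function add_user(){

    global $CONFIG,$db;

    // empty() keeps the original truthiness test without an undefined-index notice.
    if(empty($_POST["addnewuser"])){
        return;
    }

    // Accept only string fields; a missing or array-valued field becomes "".
    // strip_tags() is neither SQL escaping nor output escaping, and it silently
    // removes tag-like sequences from the password as well.
    $fields = array();
    foreach(array("username","password","repassword","email") as $key){
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? strip_tags($_POST[$key]) : "";
    }
    $username   = $fields["username"];
    $password   = $fields["password"];
    $repassword = $fields["repassword"];
    $email      = $fields["email"];

    // "permiss" must be an array of scalars: count() and implode() below fail on
    // anything else (a TypeError on PHP 8).
    $permission = array();
    if(isset($_POST['permiss']) && is_array($_POST['permiss'])){
        foreach($_POST['permiss'] as $perm_key=>$perm){
            if(is_scalar($perm)){
                $permission[$perm_key] = $perm;
            }
        }
    }

    // NOTE(review): the plaintext password and its confirmation are handed to
    // init_session(), presumably to be kept in session storage for form redisplay;
    // confirm, and drop them from this list if so. The fields are joined with
    // commas, so a value containing a comma may shift the key/value pairs
    // depending on how init_session() parses the string.
    init_session("username,".$username.",email,".$email.",password,".$password.",repassword,".$repassword);
    $_SESSION["permiss"] = $permission;

    // The checks below append with ".=", so make sure the key exists first.
    if(!isset($CONFIG["error_message"])){
        $CONFIG["error_message"] = "";
    }

    if(empty($username)){
        $CONFIG["error_message"] = "<li>Bạn chưa nhập username.</li>";
    }

    if(empty($password)||$password!=$repassword){
        $CONFIG["error_message"] .= "<li>Password không đúng.</li>";
    }

    if(!valid_email($email)){
        $CONFIG["error_message"] .= "<li>Email không đúng.</li>";
    }

    if(count($permission)<1){
        $CONFIG["error_message"] .= "<li>Thiết lập quyền cho user.</li>";
    }

    if(!empty($CONFIG["error_message"])){
        return;
    }

    $data = array();

    $data["username"] = $username;
    // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for password
    // storage. Moving to password_hash()/password_verify() needs a coordinated
    // change in the login check plus a rehash-on-login migration, so it is flagged
    // here rather than changed.
    $data["password"] = md5($password);
    $data["email"]    = $email;
    // NOTE(review): permission names are stored exactly as posted; no allow-list is
    // visible here. Confirm they are checked against the known permissions and
    // that the acting admin is allowed to grant them.
    $data["permiss"]  = implode(',',$permission);
    // NOTE(review): "active" is passed through unmodified; confirm exec_insert()
    // escapes or binds every value it receives.
    $data["active"]   = isset($_POST["active"]) ? $_POST["active"] : null;

    $db->exec_insert("admin",$data);

    // mysql_affected_rows() belongs to ext/mysql, which was removed in PHP 7.0.
    if(mysql_affected_rows()>0){

        if(!empty($_POST["exit"])){
            server_redirect(ADMIN_URL."/index.php?module=user");
        }

        if(!isset($CONFIG["success_message"])){
            $CONFIG["success_message"] = "";
        }
        $CONFIG["success_message"] .= "<li>Thêm mới user thành công.</li>";
        unset_session("username,email,password,repassword,permiss");
    }

}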

//ACTION DELETE USER
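/**
 * Delete one row from `admin`, selected by the numeric "del" query parameter.
 *
 * The row with id 1 is never deleted. Nothing happens when "del" is missing
 * or not numeric.
 *
 * NOTE(review): this is a state-changing action driven by a GET parameter, and
 * no authorization or CSRF-token check is visible here; confirm the caller
 * enforces both.
 */
function del_user(){

    global $db;

    if(!isset($_GET["del"]) || !is_numeric($_GET["del"])){
        return;
    }

    // Normalise once, then guard and delete with the same integer. Comparing the
    // raw string while deleting intval() of it lets a numeric value that
    // truncates to 1 pass the check and still remove the protected row.
    $del_id = intval($_GET["del"]);

    if($del_id !== 1){
        $db->exec_delete('admin',"`id`=".$del_id);
    }

}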

//ACTION DEL MULTI USER
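/**
 * Delete several rows from `admin`, one per id in the posted "check" array.
 *
 * Runs only when the "del_multi" field is posted and truthy. The row with
 * id 1 is skipped, matching the protection del_user() and get_user_edit()
 * in this file apply to that id.
 *
 * NOTE(review): no authorization or CSRF-token check is visible here; confirm
 * the caller enforces both.
 */
function del_multi_user(){

    global $db;

    if(empty($_POST["del_multi"])){
        return;
    }

    // A missing or non-array "check" field means there is nothing to delete.
    if(!isset($_POST["check"]) || !is_array($_POST["check"])){
        return;
    }

    foreach($_POST["check"] as $raw_id){

        // Nested arrays are not ids; intval() would turn them into 0 or 1.
        if(!is_scalar($raw_id)){
            continue;
        }

        $id = intval($raw_id);

        // Without this check the bulk path could remove the row that the
        // single-delete path refuses to touch.
        if($id === 1){
            continue;
        }

        $db->exec_delete('admin',"`id`=".$id);
    }

}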

//GET INFO USER TO EDIT
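/**
 * Load the `admin` row named by the "id" query parameter for the edit form.
 *
 * Redirects to ADMIN_URL when the id is 1, is below 1, or matches no row.
 *
 * @return mixed The row returned by $db->query_first(); false when the id is
 *               rejected, or the falsy lookup result when no row matches.
 */
function get_user_edit(){

    global $db;

    $edit_id = isset($_GET["id"]) ? intval($_GET["id"]) : 0;

    // Reject the protected id and invalid ids before touching the database, and
    // return explicitly: whether redirect() stops execution is not visible here,
    // and falling through would hand the protected row to the caller.
    if($edit_id==1||$edit_id<1){
        redirect(ADMIN_URL);
        return false;
    }

    // $edit_id is an integer at this point, so the concatenation cannot carry SQL.
    // NOTE(review): SELECT * presumably includes the password hash column; confirm
    // the edit form only needs the fields it displays.
    $user_edit = $db->query_first("SELECT * FROM admin WHERE id =".$edit_id);

    if(!$user_edit){
        redirect(ADMIN_URL);
    }

    return $user_edit;

}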

//ACTION EDIT USER
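/**
 * Handle the "edit user" form: validate the posted fields and update a row in `admin`.
 *
 * Runs only when the "edituser" field is posted and truthy. The password is
 * changed only when a non-empty password is posted. Messages are written into
 * $CONFIG.
 *
 * NOTE(review): no authorization or CSRF-token check is visible in this function;
 * confirm the caller enforces both before this handler runs.
 */
function edit_user(){

    global $CONFIG,$db;

    // empty() keeps the original truthiness test without an undefined-index notice.
    if(empty($_POST["edituser"])){
        return;
    }

    $edit_id = isset($_POST["edit_id"]) ? intval($_POST["edit_id"]) : 0;

    // get_user_edit() in this file refuses to load id 1 and ids below 1 for
    // editing; the same rule has to hold where the update is actually written,
    // because "edit_id" comes from the request rather than from that form.
    if($edit_id==1||$edit_id<1){
        redirect(ADMIN_URL);
        return;
    }

    // Accept only string fields; a missing or array-valued field becomes "".
    // strip_tags() is neither SQL escaping nor output escaping, and it silently
    // removes tag-like sequences from the password as well.
    $fields = array();
    foreach(array("username","password","repassword","email") as $key){
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? strip_tags($_POST[$key]) : "";
    }
    $username   = $fields["username"];
    $password   = $fields["password"];
    $repassword = $fields["repassword"];
    $email      = $fields["email"];

    // "permiss" must be an array of scalars: count() and implode() below fail on
    // anything else (a TypeError on PHP 8).
    $permission = array();
    if(isset($_POST['permiss']) && is_array($_POST['permiss'])){
        foreach($_POST['permiss'] as $perm_key=>$perm){
            if(is_scalar($perm)){
                $permission[$perm_key] = $perm;
            }
        }
    }

    // The checks below append with ".=", so make sure the key exists first.
    if(!isset($CONFIG["error_message"])){
        $CONFIG["error_message"] = "";
    }

    if(empty($username)){
        $CONFIG["error_message"] = "<li>Bạn chưa nhập username.</li>";
    }

    if(!empty($password)&&$password!=$repassword){
        $CONFIG["error_message"] .= "<li>Password không đúng.</li>";
    }

    if(!valid_email($email)){
        $CONFIG["error_message"] .= "<li>Email không đúng.</li>";
    }

    if(count($permission)<1){
        $CONFIG["error_message"] .= "<li>Thiết lập quyền cho user.</li>";
    }

    if(!empty($CONFIG["error_message"])){
        return;
    }

    $data = array();

    $data["username"] = $username;
    $data["email"]    = $email;
    // NOTE(review): permission names are stored exactly as posted; no allow-list is
    // visible here. Confirm they are checked against the known permissions and
    // that the acting admin is allowed to grant them.
    $data["permiss"]  = implode(',',$permission);
    // NOTE(review): "active" is passed through unmodified; confirm exec_update()
    // escapes or binds every value it receives.
    $data["active"]   = isset($_POST["active"]) ? $_POST["active"] : null;

    // An empty password field means "leave the stored password unchanged".
    if(!empty($password)){
        // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
        // password storage. Moving to password_hash()/password_verify() needs a
        // coordinated change in the login check plus a rehash-on-login migration,
        // so it is flagged here rather than changed.
        $data["password"] = md5($password);
    }

    $db->exec_update('admin',$data,'`id`='.$edit_id);

    // mysql_affected_rows() belongs to ext/mysql, which was removed in PHP 7.0.
    if(mysql_affected_rows()>0){

        if(!empty($_POST["exit"])){
            server_redirect(ADMIN_URL."/index.php?module=user");
        }

        if(!isset($CONFIG["success_message"])){
            $CONFIG["success_message"] = "";
        }
        $CONFIG["success_message"] .= "<li>Cập nhật thông tin user thành công.</li>";

    }

}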

//GET ALL INFO USER
/**
 * Fetch the accounts shown in the user list.
 *
 * Selects every `admin` row that has a non-empty permission string and whose
 * UserName is neither 'administrator' nor 'hiddenadmin', newest id first.
 *
 * NOTE(review): SELECT * presumably returns the password hash column too;
 * confirm the listing view only needs the columns it displays.
 *
 * @return mixed Whatever $db->query() returns for the statement.
 */
function get_all_user(){

    global $db;

    // Constant statement: no request data is interpolated into it.
    return $db->query(
        "SELECT * FROM admin WHERE permiss !='' AND UserName!='administrator' AND UserName!='hiddenadmin' ORDER BY id DESC"
    );

}
?>